本文所使用的项目地址https://github.com/oznu/docker-cloudflare-ddns

安装 docker

yum install -y yum-utils device-mapper-persistent-data lvm2 && yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo && yum install docker-ce && systemctl start docker && systemctl enable docker && docker version

快速设置：

docker run -d \
  -e EMAIL=hello@example.com \
  -e API_KEY=xxxxxxx \
  -e ZONE=example.com \
  -e SUBDOMAIN=subdomain \
  --restart=always oznu/cloudflare-ddns

步骤概述：

1、搜寻PPPoE相关软件，本人使用的是rp-pppoe

　　yum search pppoe

2、使用yum安装rp-pppoe

　　yum install rp-pppoe -y

3、开始配置PPPoE连接

　　pppoe-setup

4、输入ISP提供的账户

5、输入以太网卡代号，默认是eth0（注：CentOS 7已不是默认eth0，自行使用ifconfig命令即可找到）

6、配置：若长时间连线，连线会被自动中断（我不干，选no）

7、配置主DNS服务器

8、配置次DNS服务器

9、两次输入账户密码以确认

10、配置普通账户是否有网络连接权限

11、配置防火墙（没有特殊需求选0就OK）

12、配置是否开机自动拨号连接

13、确认刚填写的配置信息

14、连接网络尽情享受吧！

相关命令@ 连接网络：/sbin/ifup ppp0，断开连接：/sbin/ifdown ppp0，查看网络状态：/sbin/pppoe-status

....................................... 这是华丽丽的分割线 .......................................
获取以太网卡代号

复制代码
1 [dsp@dsp Desktop]$ ifconfig
2 enp9s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 # 有线网卡
3 ether 20:1b:06:3d:22:05 txqueuelen 1000 (Ethernet)
4 RX packets 0 bytes 0 (0.0 B)
5 RX errors 0 dropped 2297 overruns 0 frame 0
6 TX packets 0 bytes 0 (0.0 B)
7 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
8 device interrupt 18
9
10 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
11 inet 127.0.0.1 netmask 255.0.0.0
12 inet6 ::1 prefixlen 128 scopeid 0x10
13 loop txqueuelen 0 (Local Loopback)
14 RX packets 2 bytes 110 (110.0 B)
15 RX errors 0 dropped 0 overruns 0 frame 0
16 TX packets 2 bytes 110 (110.0 B)
17 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
18
19 virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
20 inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
21 ether 52:54:00:36:45:23 txqueuelen 0 (Ethernet)
22 RX packets 0 bytes 0 (0.0 B)
23 RX errors 0 dropped 0 overruns 0 frame 0
24 TX packets 0 bytes 0 (0.0 B)
25 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
26
27 wlp8s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 # 无线网卡
28 inet 192.168.0.151 netmask 255.255.255.0 broadcast 192.168.0.255
29 inet6 fe80::4ad2:24ff:fee8:f962 prefixlen 64 scopeid 0x20
30 ether 48:d2:24:e8:f9:62 txqueuelen 1000 (Ethernet)
31 RX packets 20017 bytes 16100210 (15.3 MiB)
32 RX errors 0 dropped 0 overruns 0 frame 0
33 TX packets 18263 bytes 2641746 (2.5 MiB)
34 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
复制代码
配置rp-pppoe客户端

  1 [root@dsp Desktop]# pppoe-setup
  2 Welcome to the PPPoE client setup.  First, I will run some checks on
  3 your system to make sure the PPPoE client is installed properly...
  4 
  5 LOGIN NAME
  6 
  7 Enter your Login Name (default dsp): 12345      　　# 网络服务提供商提供的账户
  8 
  9 INTERFACE
 10 
 11 Enter the Ethernet interface connected to the PPPoE modem
 12 For Solaris, this is likely to be something like /dev/hme0.
 13 For Linux, it will be ethX, where 'X' is a number.
 14 (default eth0): enp9s0                          　　# 选择以太网卡，有线网卡
 15 
 16 Do you want the link to come up on demand, or stay up continuously?
 17 If you want it to come up on demand, enter the idle time in seconds
 18 after which the link should be dropped.  If you want the link to
 19 stay up permanently, enter 'no' (two letters, lower-case.)
 20 NOTE: Demand-activated links do not interact well with dynamic IP
 21 addresses.  You may have some problems with demand-activated links.
 22 Enter the demand value (default no): no         　　# 输入no，否则若长时间连线，连线会被自动中断
 23 
 24 DNS
 25 
 26 Please enter the IP address of your ISP's primary DNS server.
 27 If your ISP claims that 'the server will provide dynamic DNS addresses',
 28 enter 'server' (all lower-case) here.
 29 If you just press enter, I will assume you know what you are
 30 doing and not modify your DNS setup.
 31 Enter the DNS information here: 8.8.8.8         　　# 主DNS服务器IP，本人使用Google Public DNS
 32 Please enter the IP address of your ISP's secondary DNS server.
 33 If you just press enter, I will assume there is only one DNS server.
 34 Enter the secondary DNS server address here: 8.8.4.4      　　# 二级DNS服务器IP
 35 
 36 PASSWORD　　　　　　　　　　　　　　　　　　　　　　　　　# 账户对应的密码，需两次输入以确认无误
 37 
 38 Please enter your Password: 
 39 Please re-enter your Password: 
 40 
 41 USERCTRL
 42 
 43 Please enter 'yes' (three letters, lower-case.) if you want to allow
 44 normal user to start or stop DSL connection (default yes): yes  # 普通用户是否可以启动停止网络连接
 45 
 46 FIREWALLING
 47 
 48 Please choose the firewall rules to use.  Note that these rules are
 49 very basic.  You are strongly encouraged to use a more sophisticated
 50 firewall setup; however, these will provide basic security.  If you
 51 are running any servers on your machine, you must choose 'NONE' and
 52 set up firewalling yourself.  Otherwise, the firewall rules will deny
 53 access to all standard servers like Web, e-mail, ftp, etc.  If you
 54 are using SSH, the rules will block outgoing SSH connections which
 55 allocate a privileged source port.
 56 
 57 The firewall choices are:
 58 0 - NONE: This script will not set any firewall rules.  You are responsible
 59           for ensuring the security of your machine.  You are STRONGLY
 60           recommended to use some kind of firewall rules.
 61 1 - STANDALONE: Appropriate for a basic stand-alone web-surfing workstation
 62 2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
 63                 for a LAN
 64 Choose a type of firewall (0-2): 0　　　　　　　　　　　　　　　# 选 0 吧
 65 
 66 Start this connection at boot time
 67 
 68 Do you want to start this connection at boot time?
 69 Please enter no or yes (default no):yes　　　　　　　　　　　　# 是否系统启动是就连接网络
 70 
 71 ** Summary of what you entered **　　　　　　　　　　　　　　　
 72 
 73 Ethernet Interface: enp9s0
 74 User name:          12345
 75 Activate-on-demand: No
 76 Primary DNS:        8.8.8.8
 77 Secondary DNS:      8.8.4.4
 78 Firewalling:        NONE
 79 User Control:       yes
 80 Accept these settings and adjust configuration files (y/n)? y　　　　# 确认刚才输入的网络配置信息
 81 Adjusting /etc/sysconfig/network-scripts/ifcfg-ppp0
 82 Adjusting /etc/resolv.conf
 83   (But first backing it up to /etc/resolv.conf.bak)
 84 Adjusting /etc/ppp/chap-secrets and /etc/ppp/pap-secrets
 85   (But first backing it up to /etc/ppp/chap-secrets.bak)
 86   (But first backing it up to /etc/ppp/pap-secrets.bak)
 87 
 88 
 89 Congratulations, it should be all set up!
 90 
 91 Type '/sbin/ifup ppp0' to bring up your xDSL link and '/sbin/ifdown ppp0'　# rp-pppoe的操作命令
 92 to bring it down.
 93 Type '/sbin/pppoe-status /etc/sysconfig/network-scripts/ifcfg-ppp0'
 94 to see the link status.
 95 
 96 [root@dsp Desktop]# /sbin/ifup ppp0　　　　　　# 启动网络连接
 97 [root@dsp Desktop]# /sbin/pppoe-status　　　　# 查看网络连接状态
 98 pppoe-status: Link is up and running on interface ppp0
 99 6: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast state UNKNOWN qlen 3
100     link/ppp 
101     inet 10.198.0.17 peer 10.198.1.1/32 scope global ppp0
102        valid_lft forever preferred_lft forever

配置rp-pppoe客户端

 1 [root@dsp Desktop]# pppoe-setup
  2 Welcome to the PPPoE client setup.  First, I will run some checks on
  3 your system to make sure the PPPoE client is installed properly...
  4 
  5 LOGIN NAME
  6 
  7 Enter your Login Name (default dsp): 12345      　　# 网络服务提供商提供的账户
  8 
  9 INTERFACE
 10 
 11 Enter the Ethernet interface connected to the PPPoE modem
 12 For Solaris, this is likely to be something like /dev/hme0.
 13 For Linux, it will be ethX, where 'X' is a number.
 14 (default eth0): enp9s0                          　　# 选择以太网卡，有线网卡
 15 
 16 Do you want the link to come up on demand, or stay up continuously?
 17 If you want it to come up on demand, enter the idle time in seconds
 18 after which the link should be dropped.  If you want the link to
 19 stay up permanently, enter 'no' (two letters, lower-case.)
 20 NOTE: Demand-activated links do not interact well with dynamic IP
 21 addresses.  You may have some problems with demand-activated links.
 22 Enter the demand value (default no): no         　　# 输入no，否则若长时间连线，连线会被自动中断
 23 
 24 DNS
 25 
 26 Please enter the IP address of your ISP's primary DNS server.
 27 If your ISP claims that 'the server will provide dynamic DNS addresses',
 28 enter 'server' (all lower-case) here.
 29 If you just press enter, I will assume you know what you are
 30 doing and not modify your DNS setup.
 31 Enter the DNS information here: 8.8.8.8         　　# 主DNS服务器IP，本人使用Google Public DNS
 32 Please enter the IP address of your ISP's secondary DNS server.
 33 If you just press enter, I will assume there is only one DNS server.
 34 Enter the secondary DNS server address here: 8.8.4.4      　　# 二级DNS服务器IP
 35 
 36 PASSWORD　　　　　　　　　　　　　　　　　　　　　　　　　# 账户对应的密码，需两次输入以确认无误
 37 
 38 Please enter your Password: 
 39 Please re-enter your Password: 
 40 
 41 USERCTRL
 42 
 43 Please enter 'yes' (three letters, lower-case.) if you want to allow
 44 normal user to start or stop DSL connection (default yes): yes  # 普通用户是否可以启动停止网络连接
 45 
 46 FIREWALLING
 47 
 48 Please choose the firewall rules to use.  Note that these rules are
 49 very basic.  You are strongly encouraged to use a more sophisticated
 50 firewall setup; however, these will provide basic security.  If you
 51 are running any servers on your machine, you must choose 'NONE' and
 52 set up firewalling yourself.  Otherwise, the firewall rules will deny
 53 access to all standard servers like Web, e-mail, ftp, etc.  If you
 54 are using SSH, the rules will block outgoing SSH connections which
 55 allocate a privileged source port.
 56 
 57 The firewall choices are:
 58 0 - NONE: This script will not set any firewall rules.  You are responsible
 59           for ensuring the security of your machine.  You are STRONGLY
 60           recommended to use some kind of firewall rules.
 61 1 - STANDALONE: Appropriate for a basic stand-alone web-surfing workstation
 62 2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
 63                 for a LAN
 64 Choose a type of firewall (0-2): 0　　　　　　　　　　　　　　　# 选 0 吧
 65 
 66 Start this connection at boot time
 67 
 68 Do you want to start this connection at boot time?
 69 Please enter no or yes (default no):yes　　　　　　　　　　　　# 是否系统启动是就连接网络
 70 
 71 ** Summary of what you entered **　　　　　　　　　　　　　　　
 72 
 73 Ethernet Interface: enp9s0
 74 User name:          12345
 75 Activate-on-demand: No
 76 Primary DNS:        8.8.8.8
 77 Secondary DNS:      8.8.4.4
 78 Firewalling:        NONE
 79 User Control:       yes
 80 Accept these settings and adjust configuration files (y/n)? y　　　　# 确认刚才输入的网络配置信息
 81 Adjusting /etc/sysconfig/network-scripts/ifcfg-ppp0
 82 Adjusting /etc/resolv.conf
 83   (But first backing it up to /etc/resolv.conf.bak)
 84 Adjusting /etc/ppp/chap-secrets and /etc/ppp/pap-secrets
 85   (But first backing it up to /etc/ppp/chap-secrets.bak)
 86   (But first backing it up to /etc/ppp/pap-secrets.bak)
 87 
 88 
 89 Congratulations, it should be all set up!
 90 
 91 Type '/sbin/ifup ppp0' to bring up your xDSL link and '/sbin/ifdown ppp0'　# rp-pppoe的操作命令
 92 to bring it down.
 93 Type '/sbin/pppoe-status /etc/sysconfig/network-scripts/ifcfg-ppp0'
 94 to see the link status.
 95 
 96 [root@dsp Desktop]# /sbin/ifup ppp0　　　　　　# 启动网络连接
 97 [root@dsp Desktop]# /sbin/pppoe-status　　　　# 查看网络连接状态
 98 pppoe-status: Link is up and running on interface ppp0
 99 6: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast state UNKNOWN qlen 3
100     link/ppp 
101     inet 10.198.0.17 peer 10.198.1.1/32 scope global ppp0
102        valid_lft forever preferred_lft forever

centos7 一键pptp安装脚本

yum install -y wget
wget https://z-v.winecoo.com:5678/linux/pptp/CentOS7-pptp-host1plus.sh
chmod +x ./CentOS7-pptp-host1plus.sh
./CentOS7-pptp-host1plus.sh -u wine -p hp198521

系统要求
首先说下系统要求吧，系统支持：CentOS6+，Debian7+，Ubuntu12+，内存小于128M的小鸡仔就不要往下看了为你好另外OpenVZL架构的也不要看了（因为需要开启TUN/TAP才能正常使用、还需要系统内核支持 IPSec 才行一般不建议在 OpenVZ 的 VPS 上安装。）

检测TUN/TAP
如果条件都符合的话，我们现在先检测是否支持TUN模块执行命令

cat /dev/net/tun
如果返回信息为：cat: /dev/net/tun: File descriptor in bad state 说明正常

检测是否支持ppp模块执行命令

cat /dev/ppp
如果返回信息为：cat: /dev/ppp: No such device or address 说明正常

如果上面的四点都全部满足的话可以接着往下看啦，基本上99％的都可以满足，要是不能满足的都是超级垃圾没人要的服务器了，建议尽早更换

安装步骤
执行命令

wget --no-check-certificate http://shell.easion.site/shell/vpn/l2tp-ipsec-vpn/l2tp-2020.06.05.sh
chmod +x l2tp-2020.06.05.sh
./l2tp-2020.06.05.sh

使用命令
如果你要想对用户进行操作，可以使用如下命令：
l2tp -a 新增用户
l2tp -d 删除用户
l2tp -m 修改现有的用户的密码
l2tp -l 列出所有用户名和密码
l2tp -h 列出帮助信息

确定网卡名称
在正式开始配置附加IP的绑定之前，我们需要先确定网卡的名称，可以通过以下命令来输出：

ip link | awk 'NR%2==1' | awk '{print $2,$8,$9}' | tr -d ':'

输出的内容应该类似于以下结果：

lo state UNKNOWN
enp3s0 state UP
enp4s0 state DOWN

第一个设备 lo 代表了loopback，第二个设备通常就是你的网卡设备，可以看到它目前的状态是 UP（即正常在线）。在上述的例子中，我们看到了 enp4s0，它是另外一张网卡但状态是 DOWN（离线），因此 enp3s0 是我们需要绑定IP的网卡。 如果你的情况是：两张网卡都是UP状态，你需要先做一个判断，选出你倾向于绑定IP上去的网卡。

进入 /etc/sysconfig/network-scripts/ 目录，查看网卡文件，替换ip。

systemctl restart network

简介
NPS 是一款轻量级、高性能、功能强大的内网穿透代理服务器。目前支持 tcp、udp 流量转发，可支持任何 tcp、udp 上层协议（访问内网网站、本地支付接口调试、ssh 访问、远程桌面，内网dns解析等等……），此外还支持内网 http 代理、内网 socks5 代理、p2p 等，并带有功能强大的 web 管理端。

一键脚本:

bash <(curl -L -s https://opt.cn2qq.com/opt-script/nps.sh)

前言
DDNS（Dynamic Domain Name Server/动态域名服务 可以随时将本地服务器的IP更新至域名解析。

获取cloudflare里面授权key
登录cloudflare
进入DNS里面，设置用于 DDNS 解析的二级域名，ip可以随意填写，后面脚本会通过api修改
进入 https://dash.cloudflare.com/profile/api-tokens 获限全局Global API Key

下载 DDNS 脚本

curl https://raw.githubusercontent.com/yulewang/cloudflare-api-v4-ddns/master/cf-v4-ddns.sh > /root/cf-v4-ddns.sh && chmod +x /root/cf-v4-ddns.sh

修改cf-v4-ddns.sh脚本配置

vi ./cf-v4-ddns.sh

主要是下面几项：

# incorrect api-key results in E_UNAUTH error
# 填写 Global API Key
CFKEY=

# Username, eg: user@example.com
# 填写 CloudFlare 登陆邮箱
CFUSER=

# Zone name, eg: example.com
# 填写需要用来 DDNS 的一级域名
CFZONE_NAME=

# Hostname to update, eg: homeserver.example.com
# 填写 DDNS 的二级域名(只需填写前缀)
CFRECORD_NAME=

测试脚本
首次运行脚本,输出内容会显示当前IP，进入cloudflare查看 确保IP已变更为当前IP

./cf-v4-ddns.sh

设置定时任务
设置定时任务

crontab -e

添加一行

*/2 * * * * /root/cf-v4-ddns.sh >/dev/null 2>&1

如果需要日志，替换上一行代码

*/2 * * * * /root/cf-v4-ddns.sh >> /var/log/cf-ddns.log 2>&1

1、安装和启用EPEL Repository

yum install epel-release -y

2、安装snap
通过snap来安装应用可以运行在单独的环境不影响主机系统。

yum install snapd

添加snap启动通信 socket

systemctl enable --now snapd.socket

创建链接（snap软件包一般安装在/snap目录下）

ln -s /var/lib/snapd/snap /snap

3、安装shadowsocks-libev稳定版

snap install shadowsocks-libev

4、建立shadowsocks-libev配置文件

vim /snap/bin/config.json

注意：配置文件位置变了，不同于直接安装时 /etc/shadowsocks/config.json

输入以下内容：

{
"server": "0.0.0.0",
"nameserver": "8.8.8.8",
"server\_port": 10808,
"password": "hk123456",
"method": "chacha20-ietf-poly1305",
"timeout": 600,
"no\_delay": true,
"mode": "tcp\_and\_udp",
"plugin": "",
"plugin\_opts": ""
}

5、建立shadowsocks-libev的service单元配置文件

vim /lib/systemd/system/ss.service

输入以下内容：

[Unit]
Description=Shadowsocks Server
After=network.target

[Service]
Restart=on-abnormal
ExecStart=/snap/bin/shadowsocks-libev.ss-server -c /snap/bin/config.json > /dev/null 2>&1

[Install]
WantedBy=multi-user.target

6、设置开机启动shadowsocks-libev

systemctl daemon-reload
systemctl start ss.service
systemctl enable ss.service

7. 防火墙开放shadowsocks-libev服务端口：

   firewall-cmd --permanent --add-port=自定义服务端口/tcp
   firewall-cmd --permanent --add-port=自定义服务端口/udp
   firewall-cmd --reload

8. 常用操作
   停止shadowsocks-libev服务

   systemctl stop ss.service

取消shadowsocks-libev开机自启

systemctl disable ss.service

升级shadowsocks-libev版本

snap refresh shadowsocks-libev

移除shadowsocks-libev应用（还需要手工清理上文第四节第五节涉及的配置文件）

snap remove shadowsocks-libev

该镜像集成了nginx、mtproxy+tls 实现对流量的伪装，并采用白名单模式来应对防火墙的检测。
Installation
Centos7上安装docker

Docker从1.13版本之后采用时间线的方式作为版本号，分为社区版CE和企业版EE。

社区版是免费提供给个人开发者和小型团体使用的，企业版会提供额外的收费服务，比如经过官方测试认证过的基础设施、容器、插件等。

社区版按照stable和edge两种方式发布，每个季度更新stable版本，如17.06，17.09；每个月份更新edge版本，如17.09，17.10。

一、安装docker
1、Docker 要求 CentOS 系统的内核版本高于 3.10 ，查看本页面的前提条件来验证你的CentOS 版本是否支持 Docker 。

通过 uname -r 命令查看你当前的内核版本

$ uname -r
2、使用 root 权限登录 Centos。确保 yum 包更新到最新。

$ sudo yum update
3、卸载旧版本(如果安装过旧版本的话)

$ sudo yum remove docker docker-common docker-selinux docker-engine
4、安装需要的软件包， yum-util 提供yum-config-manager功能，另外两个是devicemapper驱动依赖的

$ sudo yum install -y yum-utils device-mapper-persistent-data lvm2
5、设置yum源

$ sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

6、可以查看所有仓库中所有docker版本，并选择特定版本安装

$ yum list docker-ce --showduplicates | sort -r

7、安装docker

$ sudo yum install docker-ce #由于repo中默认只开启stable仓库，故这里安装的是最新稳定版17.12.0
$ sudo yum install # 例如：sudo yum install docker-ce-17.12.0.ce

8、启动并加入开机启动

$ sudo systemctl start docker
$ sudo systemctl enable docker
9、验证安装是否成功(有client和service两部分表示docker安装启动都成功了)

$ docker version

二、问题
1、因为之前已经安装过旧版本的docker，在安装的时候报错如下：

Transaction check error:
file /usr/bin/docker from install of docker-ce-17.12.0.ce-1.el7.centos.x86_64 conflicts with file from package docker-common-2:1.12.6-68.gitec8512b.el7.centos.x86_64
file /usr/bin/docker-containerd from install of docker-ce-17.12.0.ce-1.el7.centos.x86_64 conflicts with file from package docker-common-2:1.12.6-68.gitec8512b.el7.centos.x86_64
file /usr/bin/docker-containerd-shim from install of docker-ce-17.12.0.ce-1.el7.centos.x86_64 conflicts with file from package docker-common-2:1.12.6-68.gitec8512b.el7.centos.x86_64
file /usr/bin/dockerd from install of docker-ce-17.12.0.ce-1.el7.centos.x86_64 conflicts with file from package docker-common-2:1.12.6-68.gitec8512b.el7.centos.x86_64

2、卸载旧版本的包

$ sudo yum erase docker-common-2:1.12.6-68.gitec8512b.el7.centos.x86_64

3、再次安装docker

$ sudo yum install docker-ce

卸载 docker
删除安装包：
yum remove docker-ce

删除镜像、容器、配置文件等内容：
rm -rf /var/lib/docker

Pull images

docker pull ellermister/nginx-mtproxy:latest

Quickly create MTProxy

可通过 -p 指定端口映射，连接均为外部端口。

docker run --name nginx-mtproxy -d -p 80:80 -p 443:443 ellermister/nginx-mtproxy:latest

Custom parameters

你可以在创建时指定 secret、tag、 domain：

secret=$(head -c 16 /dev/urandom | xxd -ps)
tag="12345678901234567890121231231231"
domain="cloudflare.com"
docker run --name nginx-mtproxy -d -e tag="$tag" -e secret="$secret" -e domain="$domain" -p 80:80 -p 443:443 ellermister/nginx-mtproxy:latest

创建完毕后，查看访问链接：

docker logs nginx-mtproxy

注意：请注意修改端口为你的 docker 映射的端口。

Usage
The image uses a whitelist mode to fight crawling and firewall detection.

该镜像采用白名单模式，来应对爬虫和防火墙探测。

whitelist
By default, all visitors are not allowed to connect. Only when the visitor tries to access the address below, the guest IP will be added to the whitelist.

The IP and port depend on your docker configuration:

默认所有访客都不被允许连接，只有当访客尝试访问了下面的地址，才会将访客IP加入到白名单中。

IP 和端口取决于你 docker 的配置：

http://ip/add.php

service Stop service / 停止服务

docker stop nginx-mtproxy

Start service / 启动服务

docker start nginx-mtproxy

Restart service / 重启服务

docker restart nginx-mtproxy

Delete service / 删除服务

docker rm nginx-mtproxy

Auto Run / 开机自启

docker update --restart=always nginx-mtproxy

linux系统使用 CentOS-7-x86_64-NetInstall-2009.iso
centos7 安装源问题
设置网络后使用网上安装源https://mirrors.aliyun.com/centos/7/os/x86_64/

安装 Tor

yum install epel-release
yum install tor

编辑配置文件

/etc/tor/torrc

找的以下两行修改

#HiddenServiceDir /var/lib/tor/hidden_service/
#HiddenServicePort 80 127.0.0.1:80

改为

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8082

末尾添加tor前置代理

socks5proxy 192.168.1.208:11223

如果有密码则增加下面两行

Socks5ProxyPassword 密码
Socks5ProxyUsername 用户名

tor前置代理可以用 gost 这个开源项目来做。从 https://github.com/ginuerzh/gost/releases 下载gost二进制执行文件，上传到国外的翻墙服务器和本地虚拟机的/home/gost目录没有gost目录就新建一个。并给gost执行权限。

服务端运行代码 cd /home/gost && nohup ./gost -L 用户名:密码@:端口 socks5://:端口 >> /dev/null 2>&1 &
客户端运行代码 cd /home/gost && nohup ./gost -L=:端口 -F socks5://用户名:密码@服务器ip:端口 >> /dev/null 2>&1 &

服务器防火墙需要放行对应的端口。

查看防火墙状态:

firewall-cmd --state

安装防火墙:

yum -y install firewalld

启动:

systemctl start firewalld.service

重启:

systemctl restart firewalld.service

开机启动:

systemctl enable firewalld.service

停止:

systemctl stop firewalld.service

禁止开机启动:

systemctl disable firewalld.service

查看状态:

systemctl status firewalld.service

放行一下三个端口

firewall-cmd --zone=public --add-port=22/tcp --permanent
firewall-cmd --zone=public --add-port=8082/tcp --permanent
firewall-cmd --zone=public --add-port=9051/tcp --permanent

启动tor

systemctl start tor

重启tor

systemctl restart tor

查看tor运行状态

systemctl status tor

打开下面文件查看域名

/var/lib/tor/hidden_service/hostname

安装golang环境

yum install golang

配置环境变量
通过编辑 /etc/profile 文件配置环境变量。

# vim /etc/profile

在文件的末尾添加如下代码：

export GOROOT=/usr/lib/golang
export GOPATH=/var/goproject
export PATH=$PATH:$GOROOT/bin

# source /etc/profile

查看环境参数。

# go env